Scott Shackelford

Professor Scott J. Shackelford serves on the faculty of Indiana University where he is Cybersecurity Program Chair along with being Director of the Ostrom Workshop Program on Cybersecurity and Internet Governance. He is also an Affiliated Scholar at both the Harvard Kenney School’s Belfer Center for Science and International Affairs and Stanford’s Center for Internet and Society, as well as a Senior Fellow at the Center for Applied Cybersecurity Research, and a Term Member at the Council on Foreign Relations. Professor Shackelford has written more than 100 articles, book chapters, essays, and op-eds for diverse outlets ranging from the University of Illinois Law Review and the American Business Law Journal to the Christian Science Monitor, Huffington Post, Slate, the Conversation, and the San Francisco Chronicle. Similarly, Professor Shackelford’s research has been covered by diverse outlets, including Politico, NPR, Marketplace, Forbes, Time, Associated Press, Forensics Magazine, Law360, Indy Star, Washington Post, and the LA Times. He is also the author of Managing Cyber Attacks in International Law, Business, and Relations: In Search of Cyber Peace (Cambridge University Press, 2014). Both Professor Shackelford’s academic work and teaching have been recognized with numerous awards, including a Harvard University Research Fellowship, a Stanford University Hoover Institution National Fellowship, a Notre Dame Institute for Advanced Study Distinguished Fellowship, the 2014 Indiana University Outstanding Junior Faculty Award, and the 2015 Elinor Ostrom Award.

Although much work has been done on applying the law of warfare to cyber attacks, far less attention has been paid to defining a law of cyber peace applicable below the armed attack threshold. Among the most important unanswered questions is what exactly nations’ due diligence obligations are to one another and to the private sector, as well as how these obligations should be translated into policy.

It is difficult to think of two issues with a greater potential to negatively impact both our environment and the global economy than climate change and cyber attacks. Though long-term estimates on both are notoriously tough to pin down, contestedassessments on the cost of cyber attacks range from approximately $400 billion for 2014 to more than $3 trillion by 2020 (a figure, if true, larger than the global illegal drugs market).

In a move that could cost the EU up to 1.3 percent of its gross domestic product, according to the American Chamber of Commerce to the European Union, on Oct. 6 the European Court of Justice invalidated the 15-year old EU-US Safe Harbor Agreement in Schrems v. Data Protection Commissioner, causing some consternation among the more than 5,000 European and U.S. firms that rely on the Agreement to transfer EU data to U.S. servers.

Rarely does a day go by in which some variety of cyber attack is not front-page news. From Ashley Madison and the U.S. Office of Personnel Management to Sony, Saudi Aramco, and the Ukraine crisis, cybersecurity is increasingly taking center stage in diverse arenas of geopolitics, international economics, security, and law. But despite the increasing proliferation of these incidents, the field of international cybersecurity law and policy remains relatively immature, especially as it relates to cybersecurity due diligence.

The environmental situation facing many nations in the mid-to-late 20th century was bleak. Industrial waste caused the Cuyahoga River in Cleveland to catch fire in 1969. The Rhine River was long one of the most polluted waterways in Europe, similarly catching fire in 1986.

Pages

"hat's what Scott Shackelford, an associate professor of business law and ethics in the Indiana University Kelley School of Business, recommends. He recommends a program like Spirion (formerly Identity Finder) to find and encrypt sensitive information on your computer. "Also," he adds, "Don’t bank on your mobile phone, and consider using a separate secure wi-fi connection or other computer for personal computing at home.”"

"Scott Shackelford, chair of the cybersecurity program at Indiana University, Bloomington, says one big cause of the shortage is the lack of a focused talent pipeline. To train more cybersecurity workers and make them available to local government and other organizations, he proposes a “Cybersecurity Peace Corps.”

"In the last week, Facebook disclosed a campaign by foreign interests – likely from Russia -- to disrupt the 2018 midterm elections and announced dramatic spending increases on improvements to data privacy and security.